Date: Thu, 4 Sep 2003 05:10:12 -0700 (PDT)
Message-Id: <200309041210.h84CACrV044328@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: "James F. Hranicky"
Subject: Re: conf/56031: ipfw hangs on every invocation

The following reply was made to PR conf/56031; it has been noted by GNATS.

From: "James F. Hranicky"
To: Robert Watson
Cc: FreeBSD-gnats-submit@FreeBSD.org, admin@cise.ufl.edu, freebsd-bugs@FreeBSD.org
Subject: Re: conf/56031: ipfw hangs on every invocation
Date: Thu, 4 Sep 2003 08:01:42 -0400

On Wed, 3 Sep 2003 11:45:41 -0400 (EDT)
Robert Watson wrote:

> On Wed, 3 Sep 2003, James F. Hranicky wrote:
>
> I'd step up to the ioctl in question, and then see if it really hangs in
> the ioctl(), or if it gets past and starts spinning. If it's the ioctl(),
> it would be very helpful to know which file descriptor it's on, and what
> the arguments are. If it's not the ioctl() call, we need to figure out
> which loop isn't taking something important into account.

I think I've found it. First off, I neglected to mention I've added

    IPFW2=TRUE

to /etc/make.conf, so I'm using ipfw2 (sorry!).

After tracing through, it does seem to be a logic error in ipfw2.c.
At line 1036, there's a loop like so:

    for (l = rule->act_ofs, cmd = rule->cmd ;
         l > 0 ; l -= F_LEN(cmd) , cmd += F_LEN(cmd)) {

The loop is supposed to quit when l == 0, and l is supposed to be
decremented by F_LEN(cmd) each time. F_LEN is defined as

    #define F_LEN_MASK 0x3f
    #define F_LEN(cmd) ((cmd)->len & F_LEN_MASK)

Checking the values of the cmd struct:

    (gdb) p *cmd
    $6 = {opcode = O_NOP, len = 0 '\000', arg1 = 0}

Darn, l is always decremented by 0.

I'll probably fix the problem on my end by temporarily disabling ipfw2
(since I'm not really even using it at the moment).

Hope this helps.

Jim
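
Added example, not part of the original message and not code from FreeBSD's ipfw2.c: a walker over variable-length instructions that keeps the F_LEN macro quoted above but returns an error on a zero or oversized length field instead of looping. The struct insn layout, walk_insns(), the WALK_* codes and the sample rules are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define F_LEN_MASK 0x3f
#define F_LEN(cmd) ((cmd)->len & F_LEN_MASK)

/* Assumed, simplified instruction word; field names follow the gdb output. */
struct insn {
    uint8_t  opcode;
    uint8_t  len;    /* instruction length in words, low 6 bits */
    uint16_t arg1;
};

#define WALK_ZERO_LEN (-1)  /* length 0: the walk would never advance */
#define WALK_OVERRUN  (-2)  /* length runs past the end of the rule */

/* Walk `total` words starting at cmd. Returns the number of instructions
 * visited, or a negative WALK_* code instead of spinning or overrunning. */
int walk_insns(const struct insn *cmd, int total)
{
    int count = 0;

    for (int l = total; l > 0; count++) {
        int step = F_LEN(cmd);

        if (step == 0)
            return WALK_ZERO_LEN;
        if (step > l)
            return WALK_OVERRUN;
        l -= step;
        cmd += step;
    }
    return count;
}

/* Constructed sample rules, not taken from a real ruleset. */
static const struct insn good_rule[] = {
    {1, 1, 0}, {2, 2, 0}, {0, 0, 0} /* 2nd word of previous insn */, {3, 1, 0},
};
static const struct insn zero_len_rule[] = { {1, 1, 0}, {0, 0, 0} };
static const struct insn overrun_rule[] = { {1, 1, 0}, {2, 5, 0} };

int main(void)
{
    printf("good: %d\n", walk_insns(good_rule, 4));
    printf("zero-length: %d\n", walk_insns(zero_len_rule, 2));
    printf("overrun: %d\n", walk_insns(overrun_rule, 2));
    return 0;
}
```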